Month: April 2009

Keller Schroeder President Larry May has been elected to the Board of Directors for the United Way of Southwestern Indiana. “As a fan of United Way for many years, I consider it an honor to have the opportunity to serve the organization as a Board member,” May said. He pointed out that the employee-owners of Keller Schroeder have been strong and consistent supporters of the United Way, and that, “We will look at this appointment as another way to be a helpful resource to an organization that has a huge impact on our community.”

Have a need for faster wireless access? Cisco is now offering 802.11n Access Points capable of speeds as fast as 300 Mbps over both 2.4 GHz and 5 GHz radio frequencies. This is accomplished using MIMO (pronounced “mee-moh”) or Multiple Input, Multiple Output technology for enhanced reliability.

The following are highlights regarding the two current 802.11n Access Point models from Cisco.

Aironet 1140 Series

Indoor access point

Integrated 2.4 GHZ & 5 GHz antennas

Gigabit Ethernet connection required

Currently only available in LWAPP mode

Aironet 1250 Series

Indoor Rugged access point

First enterprise-class access point to support IEEE 802.11n draft 2.0 standard

3 RP-TNC external antenna connectors per frequency

Gigabit Ethernet connection required

Available in LWAPP or IOS mode

With new technology comes new responsibility – and often new questions. Below are a few of those you may find yourself or your co-workers asking:What about my current Cisco wireless infrastructure?
No need to worry about incompatibilities with your current WLAN the 802.11n APs from Cisco are fully backward compatible with 802.11a/b/g!Can I simply upgrade my current Cisco 1100/1200 Series AP to 802.11n?
Unfortunately, current access points are not upgradeable to 802.11n.Will my current Cisco Wireless LAN Controller support 802.11n?
Absolutely! We may need to install the latest WLC software, but 802.11n is supported!Could I build a wireless bridge using the Cisco 1250 AP?
Yes, the 1250 can be configured for bridging in autonomous mode. This would provide a quick ROI when compared to monthly circuit costs.For those readers that enjoy geeking-out or just reading up on the technical specifications of new products, you’ll definitely want to take a look at the following: 802.11n: The Next Generation of Wireless PerformanceIf you think the new 802.11n speeds are for you, contact your Keller Schroeder Senior Account Manager to learn more or discuss the benefits of implementing 802.11n technology within your environment.

At some point, we’ve all experienced that dilemma that comes with choosing a new password. Whether the account is for access to business data, personal financial data, or private resources, we’re left with trying to decide if we should provide a weaker password that is easier to remember or a stronger password that we are more likely to forget in the name of protecting our data. If you continue to face that quandary as you define new accounts or change your passwords, here are a few things to consider that might help in defining secure passwords that can be used effectively.

First, all passwords should be at least eight characters in length. Simple math logic dictates that in general, the longer a password is, the harder it will be to guess for any attacker. A common practice for making long passwords easier to remember is to use a pass phrase. You can use the first letter of each word in a phrase, a song lyric, or a favorite quote to create easy to remember yet non-sensical passwords. “Four score and seven year ago, our fathers brought forth” can become “Fs&7yaofbf” – which is a ten character password that can still be remembered and recreated after you have finished reading this refresher.

Second, all passwords should contain a variety of upper/lowercase letters, numbers, or special characters. Using this tip to expand the number of possible values within the password can make passwords considerably harder to compromise. Consider that a password of “password” and a password of “Pa$$w0rD” are both eight character passwords, but clearly one will be harder to compromise than the other. It is much harder to brute-force attack an eight character password that has almost one-hundred different options for each character than a password of the same length that has only twenty-six options for each character.

Third, a common expression in password management is that you should treat your passwords like your toothbrush – “never share it with anyone and change it regularly.” The problem with sharing a password, whether for support or to allow someone to temporarily use your system, is it provides potential malicious users with insight into the personal pattern you use for creating passwords. If you share that your secure password is MyDogI$R3x, then it becomes worth noting to the malicious user that you have decided at least once to tie a password to the name of a pet. If you have reused that password on other systems, or used a similar process to create other passwords, the process of guessing becomes much easier.

Lastly, there are several common sense points worth reiterating when it comes to securing passwords.

Do not write down your passwords. If you need to store seldom used passwords for future reference, use a free encrypted password storage utility, such as Passkeeper.

Do not use dictionary words, your username, or family names as a base for your password.

Do not use any of those taboo categories supplemented with just a number at the front or back of the word to try to make it more secure.

Do not send your password via email. Of course, this overlaps with never sharing your password with anyone, but is important enough to mention again.While no method for creating passwords manually will be as secure as random One-Time Passwords (OTP) that many people have used for access to more secure systems, following those simple guidelines can help to minimize risk, help you remember secure passwords, and move you along the path of having better security habits.

Blue Coat ProxySG Secure Gateway

The Blue Coat ProxySG Secure Gateway (ProxySG) appliance can be configured to provide two different functions. In MACH5 mode, it operates as a WAN Optimization device. In Proxy mode, it functions as a Content-Caching Proxy Server, providing an additional layer of security for accessing the Internet.

To “proxy” is defined as “authorized to act for another’. The ProxySG can be implemented in ‘forward-proxy’ mode where it is used as a client gateway to the Internet, or in ‘reverse-proxy’ mode where it provides the initial point of access to your web servers. In reverse-proxy mode, the ProxySG can provide services such as load-balancing and SSL offloading to enhance the security and availability of your web servers. For this discussion, however, we will focus on features provided by the forward-proxy mode of the ProxySG.

Web browsers such as Internet Explorer and Firefox receive content from a web site and store that data temporarily in a folder on your computer. This temporary storage is called ‘cache’. If you go to that web site while the data is in cache, the browser can pull the data from there instead of going to the Internet to get it. This allows the web site to be displayed much faster. Unfortunately, this data is only available to the same person that initially accessed it since it is stored on their local computer. The content caching feature of the ProxySG changes that. Since it is a network device that is acting on behalf of your Internet users, the content is stored on the ProxySG. Therefore, the content from one user’s access is made available to all other authorized users. The next person that launches their browser and requests that same website will receive it from the cache on the ProxySG. The end result of this content-caching feature is that many websites can be stored on the ProxySG and made available to all of your users. This approach can help you use your Internet bandwidth much more efficiently.

The ProxySG can support several web filtering solutions on-the-appliance, such as SmartFilter and Websense in addition to Blue Coat’s own BCWF (web filter). All web filtering solutions categorize web sites based upon a number of criteria such as key words, phrases, site language, links, and spyware. The BCWF database contains over 15 million websites published in more than 50 languages, and organized into 69 categories. Unlike some solutions that update the database daily (or less often), Blue Coat’s BCWF database updates these categories several times an hour. In addition, the BCWF web filter can be configured to provide dynamic protection with their Dynamic Real-Time Rating (DRTR) service that categorizes web sites ‘on-the-fly’. When running the BCWF web filter on the ProxySG, the powerful policy engine allows use of the categories in your defined access policies. For example, a policy could be written to block sites in the ‘Social Networking’ category during working hours, but allow access to those sites during the lunch hour.

In today’s economy, online training is often preferred over traveling for a training course. If several people within your organization decide to view that online training at the same time, it could significantly impact your Internet connection due to high utilization. To help mitigate this situation, the ProxySG has a feature called Stream Splitting and Caching. First, if a video stream can be cached, it is cached on the ProxySG in a fashion similar to the web content mentioned previously. Secondly, the Stream Splitting feature is the ProxySG recognizing that the same video is being requested by another person and splits the stream internally to serve the content to both individuals directly from the ProxySG, instead of pulling the content from the Internet again.

SilverLight Has No Place in Business…or Does it?

It’s that cool technology used by NBC to show videos of the Olympics and by CBS to stream all the action of the Final Four this year. So, what’s that got to do with running your business? Well, maybe more than you think.

Internet usage has risen sharply since 2000. This means that more and more of your customers, business partners, and employees are using the internet every day, and interacting with sites that provide not only high definition media, but empower the user through rich interactive applications (also known as RIA’s), such as easy drag and drop interfaces, real-time feedback with no reloading or jerking in the page, and personalization capabilities. (See Hardrock.com for some examples of RIA’s in action.) It’s all about user experience. Using the same techniques within your business gives your customers, partners, and employees familiar tools that not only provide a great user experience, but a more productive interface. That means efficiency and time savings, which lead to cost savings for your business.

Deliver easy to use, fast and efficient applications on extranets to communicate more information with business partners.

Provide tools, such as training videos and RIA’s, which empower employees to do more in less time.And it only gets better from here!

Microsoft defines today’s SilverLight as “a cross-browser, cross-platform plug-in for delivering the next generation of .NET based media experiences and rich interactive applications for the Web and for mobile devices.” The next generation of SilverLight (out in beta now and due out for production later this year) will include support for browser-less web applications, meaning your applications can live anywhere and you may not need to be online all the time to use them. The ability to create a genuinely seamless workflow for your in-house and mobile workforce is within sight!